package com.lanswon.common.shiro;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.springframework.stereotype.Service;

@Service
public class AdminAuthcFilter extends AccessControlFilter {
	String loginUrl = "/admin.do";

	@Override
	protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
		return false;
	}

	@Override
	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
		Subject subject = getSubject(request, response);
		HttpServletResponse hresponse =(HttpServletResponse) response;
		HttpServletRequest hrequest =(HttpServletRequest) request;
        if (subject.getPrincipal() == null) {// 表示没有登录，重定向到登录页面
            saveRequest(request);
            
            hresponse.sendRedirect(hrequest.getContextPath() + "/admin.do");
        }else {
        	String url = getPathWithinApplication(request);
        	hresponse.sendRedirect(hrequest.getContextPath() + url);
        }
		return false;
	}
	
}
